Skip to main content
A newer release of this product is available.

Create a cloud target

Contributors

POST /cloud/targets

Introduced In: 9.6

Creates a cloud target.

Required properties

  • name - Name for the cloud target.

  • owner - Owner of the target: fabricpool, snapmirror.

  • provider_type - Type of cloud provider: AWS_S3, Azure_Cloud, SGWS, IBM_COS, AliCloud, GoogleCloud, ONTAP_S3.

  • server - Fully qualified domain name of the object store server. Required when provider_type is one of the following: SGWS, IBM_COS, AliCloud.

  • container - Data bucket/container name.

  • access_key - Access key ID if provider_type is not Azure_Cloud and authentication_type is key.

  • secret_password - Secret access key if provider_type is not Azure_Cloud and authentication_type is key.

  • azure_account - Azure account if provider_type is Azure_Cloud.

  • azure_private_key - Azure access key if provider_type is Azure_Cloud.

  • cap_url - Full URL of the request to a CAP server for retrieving temporary credentials if authentication_type is cap.

  • snapmirror_use - Use of the cloud target if owner is snapmirror: data, metadata.

  • authentication_type - Authentication used to access the target: key, cap, ec2_iam, gcp_sa, azure_msi.

  • ssl_enabled - SSL/HTTPS enabled or disabled.

  • port - Port number of the object store that ONTAP uses when establishing a connection.

  • ipspace - IPspace to use in order to reach the cloud target.

  • use_http_proxy - Use the HTTP proxy when connecting to the object store server.

  • azure_sas_token - Shared access signature to grant limited access to Azure storage account resources.

  • svm.name or svm.uuid - Name or UUID of SVM if owner is snapmirror.

Default property values

  • authentication_type

  • ec2_iam - if running in Cloud Volumes ONTAP in AWS

  • gcp_sa - if running in Cloud Volumes ONTAP in GCP

  • azure_msi - if running in Cloud Volumes ONTAP in Azure

  • key - in all other cases.

  • server

  • s3.amazonaws.com - if provider_type is AWS_S3

  • blob.core.windows.net - if provider_type is Azure_Cloud

  • storage.googleapis.com - if provider_type is GoogleCloud

  • ssl_enabled - true

  • port

  • 443 if ssl_enabled is true

  • 80 if ssl_enabled is false and provider_type is not SGWS

  • 8084 if ssl_enabled is false and provider_type is SGWS

  • ipspace - Default

  • certificate_validation_enabled - true

  • ignore_warnings - false

  • check_only - false

  • use_http_proxy - false

  • server_side_encryption

  • none - if provider_type is ONTAP_S3

  • sse_s3 - if provider_type is not ONTAP_S3

  • url_style

  • path_style - if provider_type is neither AWS_S3 nor AliCloud

  • virtual_hosted_style - if provider_type is either AWS_S3 or _AliCloud_

  • storage aggregate object-store config create

Parameters

Name Type In Required Description

ignore_warnings

boolean

query

False

Specifies whether or not warning codes should be ignored.

check_only

boolean

query

False

Do not create the target configuration, only check that the POST request succeeds.

return_timeout

integer

query

False

The number of seconds to allow the call to execute before returning. When doing a POST, PATCH, or DELETE operation on a single record, the default is 0 seconds. This means that if an asynchronous operation is started, the server immediately returns HTTP code 202 (Accepted) along with a link to the job. If a non-zero value is specified for POST, PATCH, or DELETE operations, ONTAP waits that length of time to see if the job completes so it can return something other than 202.

  • Default value: 1

  • Max value: 120

  • Min value: 0

return_records

boolean

query

False

The default is false. If set to true, the records are returned.

  • Default value:

Request Body

Name Type Description

_links

_links

access_key

string

Access key ID for AWS_S3 and other S3 compatible provider types.

authentication_type

string

Authentication used to access the target. SnapMirror does not yet support CAP. Required in POST.

azure_account

string

Azure account

azure_private_key

string

Azure access key

azure_sas_token

string

Shared access signature token to access Azure containers and blobs.

cap_url

string

This parameter is available only when auth-type is CAP. It specifies a full URL of the request to a CAP server for retrieving temporary credentials (access-key, secret-pasword, and session token) for accessing the object store.

certificate_validation_enabled

boolean

Is SSL/TLS certificate validation enabled? The default value is true. This can only be modified for SGWS, IBM_COS, and ONTAP_S3 provider types.

  • Introduced in: 9.6

cluster

cluster

container

string

Data bucket/container name. For FabricLink, a wildcard character "*" can also be specified to indicate that all the buckets in an SVM can use the same target information. However, for containers other than ONTAP, an exact name should be specified.

  • example: bucket1

  • Introduced in: 9.6

  • readCreate: 1

ipspace

ipspace

IPspace to use in order to reach the cloud target.

name

string

Cloud target name

owner

string

Owner of the target. Allowed values are FabricPool, SnapMirror or S3_SnapMirror. A target can be used by only one feature.

port

integer

Port number of the object store that ONTAP uses when establishing a connection. Required in POST.

  • Introduced in: 9.6

provider_type

string

Type of cloud provider. Allowed values depend on owner type. For FabricPool, AliCloud, AWS_S3, Azure_Cloud, GoggleCloud, IBM_COS, SGWS, and ONTAP_S3 are allowed. For SnapMirror, the valid values are AWS_S3 or SGWS. For FabricLink, AWS_S3, SGWS, S3_Compatible, S3EMU, LOOPBACK and ONTAP_S3 are allowed.

  • Introduced in: 9.6

  • readCreate: 1

scope

string

If the cloud target is owned by a data SVM, then the scope is set to svm. Otherwise it will be set to cluster.

secret_password

string

Secret access key for AWS_S3 and other S3 compatible provider types.

server

string

Fully qualified domain name of the object store server. Required on POST. For Amazon S3, server name must be an AWS regional endpoint in the format s3.amazonaws.com or s3-.amazonaws.com, for example, s3-us-west-2.amazonaws.com. The region of the server and the bucket must match. For Azure, if the server is a "blob.core.windows.net" or a "blob.core.usgovcloudapi.net", then a value of azure-account followed by a period is added in front of the server.

server_side_encryption

string

Encryption of data at rest by the object store server for AWS_S3 and other S3 compatible provider types. This is an advanced property. In most cases it is best not to change default value of "sse_s3" for object store servers which support SSE-S3 encryption. The encryption is in addition to any encryption done by ONTAP at a volume or at an aggregate level. Note that changing this option does not change encryption of data which already exist in the object store.

  • enum: ["none", "sse_s3"]

  • Introduced in: 9.7

snapmirror_use

string

Use of the cloud target by SnapMirror.

ssl_enabled

boolean

SSL/HTTPS enabled or not

svm

svm

This field is only applicable when used for SnapMirror and FabricLink. For POST and PATCH, SVM information is required for SnapMirror and FabricLink targets and not allowed for FabricPool targets.

url_style

string

URL style used to access S3 bucket.

use_http_proxy

boolean

Use HTTP proxy when connecting to the object store.

used

integer

The amount of cloud space used by all the aggregates attached to the target, in bytes. This field is only populated for FabricPool targets. The value is recalculated once every 5 minutes.

uuid

string

Cloud target UUID

Example request
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "access_key": "string",
  "authentication_type": "string",
  "azure_account": "string",
  "azure_private_key": "string",
  "azure_sas_token": "string",
  "cap_url": "https://123.45.67.89:1234/CAP/api/v1/credentials?agency=myagency&mission=mymission&role=myrole",
  "cluster": {
    "name": "string",
    "uuid": "string"
  },
  "container": "bucket1",
  "ipspace": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "exchange",
    "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
  },
  "name": "string",
  "owner": "string",
  "provider_type": "string",
  "scope": "string",
  "secret_password": "string",
  "server": "string",
  "server_side_encryption": "string",
  "snapmirror_use": "string",
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  },
  "url_style": "string",
  "used": 0,
  "uuid": "string"
}

Response

Status: 202, Accepted
Name Type Description

job

job_link

Example response
{
  "job": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "uuid": "string"
  }
}

Headers

Name Description Type

Location

Useful for tracking the resource location

string

Error

Status: Default, Error
Name Type Description

error

error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

self

href

cluster

Name Type Description

name

string

The name of the cluster that owns the cloud target. For POST, this accepts the name of the peer cluster only if the cluster is in switchover state.

uuid

string

The UUID of the cluster that owns the cloud target. For POST, this accepts the UUID of the peer cluster only if the cluster is in switchover state.

ipspace

IPspace to use in order to reach the cloud target.

Name Type Description

_links

_links

name

string

IPspace name

uuid

string

IPspace UUID

svm

This field is only applicable when used for SnapMirror and FabricLink. For POST and PATCH, SVM information is required for SnapMirror and FabricLink targets and not allowed for FabricPool targets.

Name Type Description

_links

_links

name

string

The name of the SVM.

uuid

string

The unique identifier of the SVM.

cloud_target

Name Type Description

_links

_links

access_key

string

Access key ID for AWS_S3 and other S3 compatible provider types.

authentication_type

string

Authentication used to access the target. SnapMirror does not yet support CAP. Required in POST.

azure_account

string

Azure account

azure_private_key

string

Azure access key

azure_sas_token

string

Shared access signature token to access Azure containers and blobs.

cap_url

string

This parameter is available only when auth-type is CAP. It specifies a full URL of the request to a CAP server for retrieving temporary credentials (access-key, secret-pasword, and session token) for accessing the object store.

certificate_validation_enabled

boolean

Is SSL/TLS certificate validation enabled? The default value is true. This can only be modified for SGWS, IBM_COS, and ONTAP_S3 provider types.

  • Introduced in: 9.6

cluster

cluster

container

string

Data bucket/container name. For FabricLink, a wildcard character "*" can also be specified to indicate that all the buckets in an SVM can use the same target information. However, for containers other than ONTAP, an exact name should be specified.

  • example: bucket1

  • Introduced in: 9.6

  • readCreate: 1

ipspace

ipspace

IPspace to use in order to reach the cloud target.

name

string

Cloud target name

owner

string

Owner of the target. Allowed values are FabricPool, SnapMirror or S3_SnapMirror. A target can be used by only one feature.

port

integer

Port number of the object store that ONTAP uses when establishing a connection. Required in POST.

  • Introduced in: 9.6

provider_type

string

Type of cloud provider. Allowed values depend on owner type. For FabricPool, AliCloud, AWS_S3, Azure_Cloud, GoggleCloud, IBM_COS, SGWS, and ONTAP_S3 are allowed. For SnapMirror, the valid values are AWS_S3 or SGWS. For FabricLink, AWS_S3, SGWS, S3_Compatible, S3EMU, LOOPBACK and ONTAP_S3 are allowed.

  • Introduced in: 9.6

  • readCreate: 1

scope

string

If the cloud target is owned by a data SVM, then the scope is set to svm. Otherwise it will be set to cluster.

secret_password

string

Secret access key for AWS_S3 and other S3 compatible provider types.

server

string

Fully qualified domain name of the object store server. Required on POST. For Amazon S3, server name must be an AWS regional endpoint in the format s3.amazonaws.com or s3-.amazonaws.com, for example, s3-us-west-2.amazonaws.com. The region of the server and the bucket must match. For Azure, if the server is a "blob.core.windows.net" or a "blob.core.usgovcloudapi.net", then a value of azure-account followed by a period is added in front of the server.

server_side_encryption

string

Encryption of data at rest by the object store server for AWS_S3 and other S3 compatible provider types. This is an advanced property. In most cases it is best not to change default value of "sse_s3" for object store servers which support SSE-S3 encryption. The encryption is in addition to any encryption done by ONTAP at a volume or at an aggregate level. Note that changing this option does not change encryption of data which already exist in the object store.

  • enum: ["none", "sse_s3"]

  • Introduced in: 9.7

snapmirror_use

string

Use of the cloud target by SnapMirror.

ssl_enabled

boolean

SSL/HTTPS enabled or not

svm

svm

This field is only applicable when used for SnapMirror and FabricLink. For POST and PATCH, SVM information is required for SnapMirror and FabricLink targets and not allowed for FabricPool targets.

url_style

string

URL style used to access S3 bucket.

use_http_proxy

boolean

Use HTTP proxy when connecting to the object store.

used

integer

The amount of cloud space used by all the aggregates attached to the target, in bytes. This field is only populated for FabricPool targets. The value is recalculated once every 5 minutes.

uuid

string

Cloud target UUID

Name Type Description

_links

_links

uuid

string

The UUID of the asynchronous job that is triggered by a POST, PATCH, or DELETE operation.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.